In a recent development in an ongoing business dispute, the nonprofit behind WordPress, a popular content management system, has taken control of a widely used plugin. Word is that this move is aimed at addressing security and ethics concerns that arose in a dispute with web host WP Engine.

Announcement of the Takeover

WordPress founder Matt Mullenweg just let us know that the organization would fork the Advanced Custom Fields (ACF) plugin, re-releasing it under a new name: Secure Custom Fields. ACF is a plugin that’s used by many WordPress sites to make it easier to manage custom fields and options on pages and content items. Mullenweg said that the change was needed to “get rid of commercial upsells and fix a security problem.”

Criticism from ACF Team

The team behind ACF wasn’t too happy about the move. They said that the plugin had been “unilaterally and forcibly taken away” from its original creators without their consent. They said it’s never happened before in WordPress history and questioned whether it was ethical.

WordPress and Mullenweg’s Rebuttal

WordPress and Mullenweg said similar precedents have been set before and that the organization’s policies allow them to disable or alter any plugin if it’s necessary to improve security. They did say it’s not something they do often.

Background of the Dispute

The back-and-forth is the latest round in an ongoing battle between WordPress and WP Engine. WordPress had previously banned WP Engine from its plugin directory over branding issues, but then lifted the ban for a while before putting it back in place. WP Engine came up with a way for users to get updates to ACF without going through official channels.

Future of Secure Custom Fields

Going forward, Mullenweg said that Secure Custom Fields would be kept as a non-commercial project, open to volunteer developers. The public disagreement highlights ongoing tensions surrounding commercialization, control, and ethics in the open-source WordPress ecosystem.

Implications for the WordPress Community

This shows how the different issues of security, ethics and commercial interests in the WordPress community often overlap. The decision to fork ACF and re-release it as Secure Custom Fields brings up some important questions about control and the rights of plugin developers in the open-source ecosystem.

Conclusion

The takeover of the ACF plugin by WordPress marks a major change in how popular plugins are managed in this ecosystem. While the move is justified by security and ethical concerns, it has sparked controversy and raised questions about the future of plugin development and the role of commercial entities in the open-source community. The ongoing dispute between WordPress and WP Engine is still having an impact on how the WordPress ecosystem works. This is relevant for developers, users, and the wider open-source community.